---
infra::role: base
+infra::additional_classes:
+ - nginx
+ - nodejs
+ - infra::profile::mongodb_server
+
+nodejs::repo_url_suffix: '4.x'
+nodejs::manage_package_repo: true
+
+nginx::config::proxy_hide_header:
+ - X-Powered-By
+nginx::config::http_tcp_nopush: 'on'
+nginx::config::gzip_types: 'text/plain text/css text/javascript application/x-javascript application/xml text/xml application/json application/javascript application/xml+rss text/x-js'
+nginx::config::gzip_comp_level: 9
+nginx::nginx_vhosts:
+ rocket-chat:
+ server_name:
+ - dev-chat.pixelpark.com
+ ssl: true
+ ssl_cert: /etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem
+ ssl_key: /etc/pki/tls/private/wildcard.pixelpark.com-key.pem
+ ssl_dhparam: /etc/ssl/certs/dhparam.pem
+ ssl_ciphers: 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'
+ ssl_protocols: 'TLSv1.2'
+ rewrite_to_https: true
+ proxy: http://rocket_chat
+ add_header:
+ Strict-Transport-Security: "max-age=63072000"
+ X-Content-Type-Options: nosniff
+ X-XSS-Protection: '1; mode=block'
+ X-Frame-Options: DENY
+ proxy_set_header:
+ - 'Host $host:$server_port'
+ - 'Upgrade $http_upgrade'
+ - 'Connection "upgrade"'
+ - 'Host $host'
+ - 'X-Real-IP $remote_addr'
+ - 'X-Forwarded-For $proxy_add_x_forwarded_for'
+ - 'X-Forwarded-Proto https'
+ - 'X-Forwarded-Ssl on'
+ - 'X-Nginx-Proxy true'
+ - 'Referer $http_referer'
+ client_max_body_size: '50m'
+ error_pages:
+ 497: https://$host:$server_port$request_uri
+nginx::nginx_upstreams:
+ rocket_chat:
+ members:
+ - 127.0.0.1:3000
+
+infra::profile::mongodb_server::backup::replicaonslave: 'no' # Wir sind eine Standalone Instance
+mongodb::globals::version: '2.6.12-4.el7'
+mongodb::server::master: true # Wir sind eine Standalone Instance
+mongodb::server::bind_ip: '0.0.0.0'
+mongodb::server::ssl: true
+mongodb::server::ssl_key: '/etc/ssl/wildcard.pixelpark.com-key.pem'
+mongodb::server::auth: true
+mongodb::server::create_admin: true
+mongodb::server::store_creds: true
+mongodb::server::admin_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAceqFPCvnKsnear7COTvPXNmM2gw6oIoVfOg6cFgFWr/JeYmWTzHcf9nCMXeyWnNcukM4hy/EAqoWEl39TWgUIZO9OXQyKQnyFAz5LZDhgFlSmh9UhbEoJHc5/toQm7R7XdHTAYvNVjwiEO7rDdrbz+wyQW3YlA2zjyG4WprV97ROZ+66qSFlzUPUNXvhYcerGfBv2uqeynRUP7F3fEIkPAb9uFt1vkZV/yfYcsuh1JMx8j7kjALmhELeHMZnQxwg9Ti/Rg60fC4UXFG3FTP+871KVASc3QzvrCPX4MupV6dgCRd/Oe8+aTN4tULN3nZ6nmmEVH7O0FwY/AHlousg1jBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDJu4z4abf3lBogN57jlXCygCDtxj8Dex1YxtgFICMQCO2gH06wq6Gj6Z7ZKru/7qSsQg==]
+
+infra::profile::mongodb_server::databases:
+ rocketchat:
+ user: rocketchat
+ password: "%{hiera('rocket_password')}"
+ roles:
+ - dbOwner
+
+infra::profile::mongodb_server::backup::db_username: 'backup'
+infra::profile::mongodb_server::backup::db_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEADnsZr8XUejQ9RYfJPQBj3rJj9EMyF7GRavfTV30xrV56hzpCwzCrtjSkiyFFTg4ZEGZtK52mx7neAQ0McfX/gtXM4IJodSJ7x8jmlnFH0VvSki7pmuAolQ1IzHkUSLLTjabCqG+lj+ehv1WUy5RHVhV9K16GmSpORIwHVcPTUC/cZlXeYouBcM1f2e4FaO8XF+jT28h6Vr91ib2KxkGHDfrcE0JaSOrRa+FXWTZciCfpBDtk9TwvAoo7jneWCXL9uRjA0UjPjK3GJo2tPICOKl4Yj0uAgkp/9Ydg3y22SjVpCEEihvHinTRx1cppuVPeGJD5nAwFztdawlkONbH5KjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDxolzY/HNhKuX84v2/+nA2gCBmeCtYKIQ2p3uTi8vbAIqX9G6EFrEgUKPbRvHS/wbPxw==]
+
+rocket_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAI1OrtXX4699mlD1W7x7UUSbyOCBMUg0bZOXEYvZ02fPfH1pHgPt1XhZ6NxB7Vg4Gg9m4+jyLIg3c3N63OZMATQ6d+TUjqtqKabCQu1RUsWwHph1iBqhr/RM6KXdZW0mfWwEykM+QKr/A5oCrD4ysVWBeGQlqHyklQb37T/bz2OMVcLWTwbHWh7LgZQ3fTuUnSL7bFDcpZ9z5266GZcuciZfHPZAHpd5iazCE90YS4UHKd2RYwLShFti3OpVQO6C6ooeVip77qWor+WJZKvvgdUcaT7bSZ4wUDDXD90lKXgASXQlbuXCwrpzXGch5Ao9R/Z3LkZkN91MlzvXVVfwU4jBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBADQ4wu5a2+MWh+W5IfwRPbgCBaqZ4Z45NN0aj3nN+vrd7wgAasP6PnsFDKB/OBXEf+BQ==]
+
projects / pixelpark / hiera.git / commitdiff